{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2025-2309","title":"Title"},{"category":"description","text":"A vulnerability has been found in HDF5 1.14.6 and classified as critical. This vulnerability affects the function H5T__bit_copy of the component Type Conversion Logic. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor plans to fix this issue in an upcoming release.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2025-2309","url":"https://www.suse.com/security/cve/CVE-2025-2309"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1239688 for CVE-2025-2309","url":"https://bugzilla.suse.com/1239688"}],"title":"SUSE CVE CVE-2025-2309","tracking":{"current_release_date":"2025-12-19T00:52:02Z","generator":{"date":"2025-03-17T14:17:58Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2025-2309","initial_release_date":"2025-03-17T14:17:58Z","revision_history":[{"date":"2025-03-17T14:17:58Z","number":"2","summary":"Current version"},{"date":"2025-05-08T11:49:08Z","number":"3","summary":"Current version"},{"date":"2025-07-15T23:34:43Z","number":"4","summary":"Current version"},{"date":"2025-07-16T23:34:43Z","number":"5","summary":"Current version"},{"date":"2025-12-17T00:52:44Z","number":"6","summary":"description changed"},{"date":"2025-12-19T00:52:02Z","number":"7","summary":"description changed"}],"status":"interim","version":"7"}}}